Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-srxw-jjvr-p3d5
Vulnerability ID VCID-srxw-jjvr-p3d5
Aliases CVE-2007-3304
Summary The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service.
Status Published
Exploitability 0.5
Weighted Severity 4.8
Risk 2.4
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2007-3304
apache_httpd moderate https://httpd.apache.org/security/json/CVE-2007-3304.json
cvssv2 4.7 https://nvd.nist.gov/vuln/detail/CVE-2007-3304
Reference id Reference type URL
ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc
http://bugs.gentoo.org/show_bug.cgi?id=186219
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588
http://httpd.apache.org/security/vulnerabilities_13.html
http://httpd.apache.org/security/vulnerabilities_20.html
http://httpd.apache.org/security/vulnerabilities_22.html
http://lists.vmware.com/pipermail/security-announce/2009/000062.html
http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192%40redhat.com%3e
http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2
http://osvdb.org/38939
http://rhn.redhat.com/errata/RHSA-2007-0556.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json
https://api.first.org/data/v1/epss?cve=CVE-2007-3304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
http://secunia.com/advisories/25827
http://secunia.com/advisories/25830
http://secunia.com/advisories/25920
http://secunia.com/advisories/26211
http://secunia.com/advisories/26273
http://secunia.com/advisories/26443
http://secunia.com/advisories/26508
http://secunia.com/advisories/26611
http://secunia.com/advisories/26759
http://secunia.com/advisories/26790
http://secunia.com/advisories/26822
http://secunia.com/advisories/26842
http://secunia.com/advisories/26993
http://secunia.com/advisories/27121
http://secunia.com/advisories/27209
http://secunia.com/advisories/27563
http://secunia.com/advisories/27732
http://secunia.com/advisories/28212
http://secunia.com/advisories/28224
http://secunia.com/advisories/28606
http://security.gentoo.org/glsa/glsa-200711-06.xml
http://security.psnc.pl/files/apache_report.pdf
http://securityreason.com/securityalert/2814
https://exchange.xforce.ibmcloud.com/vulnerabilities/35095
https://issues.rpath.com/browse/RPL-1710
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11589
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1
http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm
http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm
http://svn.apache.org/viewvc?view=rev&revision=547987
http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702
http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984
http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:140
http://www.mandriva.com/security/advisories?name=MDKSA-2007:142
http://www.novell.com/linux/security/advisories/2007_61_apache2.html
http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
http://www.redhat.com/errata/RHSA-2007-0532.html
http://www.redhat.com/support/errata/RHSA-2007-0557.html
http://www.redhat.com/support/errata/RHSA-2007-0662.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://www.securityfocus.com/archive/1/469899/100/0/threaded
http://www.securityfocus.com/archive/1/471832/100/0/threaded
http://www.securityfocus.com/archive/1/505990/100/0/threaded
http://www.securityfocus.com/bid/24215
http://www.securitytracker.com/id?1018304
http://www.trustix.org/errata/2007/0026/
http://www.ubuntu.com/usn/usn-499-1
http://www.vupen.com/english/advisories/2007/2727
http://www.vupen.com/english/advisories/2007/3100
http://www.vupen.com/english/advisories/2007/3283
http://www.vupen.com/english/advisories/2007/3420
http://www.vupen.com/english/advisories/2007/3494
http://www.vupen.com/english/advisories/2007/4305
http://www.vupen.com/english/advisories/2008/0233
245111 https://bugzilla.redhat.com/show_bug.cgi?id=245111
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
CVE-2007-3304 https://httpd.apache.org/security/json/CVE-2007-3304.json
CVE-2007-3304 https://nvd.nist.gov/vuln/detail/CVE-2007-3304
GLSA-200711-06 https://security.gentoo.org/glsa/200711-06
RHSA-2007:0532 https://access.redhat.com/errata/RHSA-2007:0532
RHSA-2007:0556 https://access.redhat.com/errata/RHSA-2007:0556
RHSA-2007:0557 https://access.redhat.com/errata/RHSA-2007:0557
RHSA-2007:0662 https://access.redhat.com/errata/RHSA-2007:0662
RHSA-2008:0263 https://access.redhat.com/errata/RHSA-2008:0263
RHSA-2008:0523 https://access.redhat.com/errata/RHSA-2008:0523
USN-499-1 https://usn.ubuntu.com/499-1/
No exploits are available.
Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2007-3304
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.27093
EPSS Score 0.00098
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:36:14.212165+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2007-3304.json 38.0.0